See the code give given below. I was fighting with this code since last 5 hours to know why isset() is eveluating the condition as false if value is posted exactly what it shall POST.If I uncomment the line no. - 4,5,6,7,8 and put rest of the code from line no. 10 to 28 I can see the POSTED value .Can Anyone help in this by any guidance or suggestion. I will be thankful.

2) don't hash with javascript. do it server side in your php code. doing it with javascript allows the visitor to break it by disabling, or even worse by letting them see how it's done. your php code is secure, javascript is transparent.

3) name your submit button. the easiest way to check if a form has been submitted, is to check isset($_POST['submit']). then take the plain text pass and hash it etc.

I know that doesn't exactly answer your question, but you're not actually posting your form unless it happens inside of the formhash2 function.

OK in my index.php there are 2 forms you can see here First Form is giving troble to me but the second form is Cool both the form is going with same process as you can see in the code of functions.js I have only 1 question to know before that take a look in my form -

ok, the article telling you that this is secure is wrong for the reasons already given. end users can see and affect hashing because it's done in js. unsetting the plaintext password is an almost laughable security measure because at best it may protect from someone watching unencrypted wifi traffic. completely ignoring all of the other things they could do if someone had direct access to your visitor's traffic like that, you can't make yourself responsible for securing their connection beyond their traffic with your site, and letting the hash happen on their computer is a compromise to YOUR site's security. The proper way to do what you're trying to do, is to hash server side. example:

1. register form sends email and plaintext password.2. php script generates a $salt (random hex string of pre-determined length)3. hash is generated like: $hash=md5(hash("sha256",$password.$salt).$salt); //$salt is hashed with pass, and then appended so that same salt will be used to check future login attempts4. user record is created in database with email and hashed password.

Then when the user attempts to login:

1. login form sends email and password2. php script locates record in database by email address or user name3. $salt is taken from stored value, and new test hash is created with same formula:$testhash=md5(hash("sha256",$password.$salt).$salt);4. if $testhash===$userrecord['pass_hash'] that was stored at registration, then they've entered the correct password and can proceed.